GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
24,798 advisories
Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports,...
Critical | Unreviewed | CVE-2022-1400 was published Aug 18, 2022

An Argument Injection or Modification vulnerability in the "Change Secret" username field as used...
Critical | Unreviewed | CVE-2022-1399 was published Aug 18, 2022

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function...
Critical | Unreviewed | CVE-2022-36190 was published Aug 18, 2022

IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an...
Critical | Unreviewed | CVE-2022-22455 was published Aug 18, 2022

DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in...
Critical | Unreviewed | CVE-2022-35516 was published Aug 18, 2022

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some...
Critical | Unreviewed | CVE-2022-2870 was published Aug 18, 2022

The vulnerability causing from insufficient verification procedures for downloaded files during...
Critical | Unreviewed | CVE-2022-23764 was published Aug 18, 2022

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of...
Critical | Unreviewed | CVE-2022-23747 was published Aug 18, 2022

Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword...
Critical | Unreviewed | CVE-2022-35121 was published Aug 18, 2022

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the...
Critical | Unreviewed | CVE-2022-2336 was published Aug 18, 2022

An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows...
Critical | Unreviewed | CVE-2022-35122 was published Aug 18, 2022

DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP...
Critical | Unreviewed | CVE-2022-35147 was published Aug 18, 2022

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License'...
Critical | Unreviewed | CVE-2022-36344 was published Aug 17, 2022

Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
Critical | Unreviewed | CVE-2022-36273 was published Aug 17, 2022

Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
Critical | CVE-2022-36272 was published for net.mingsoft:ms-mcms (Maven) Aug 17, 2022

Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
Critical | CVE-2022-36599 was published for net.mingsoft:ms-mcms (Maven) Aug 17, 2022

The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem...
Critical | Unreviewed | CVE-2022-30264 was published Aug 17, 2022

Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine...
Critical | Unreviewed | CVE-2022-36242 was published Aug 17, 2022

There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that...
Critical | Unreviewed | CVE-2022-38193 was published Aug 17, 2022

When using Ingest Actions to configure a destination that resides on Amazon Simple Storage...
Critical | Unreviewed | CVE-2022-37437 was published Aug 17, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4,...
Critical | Unreviewed | CVE-2021-39085 was published Aug 17, 2022

A vulnerability, which was classified as critical, has been found in SourceCodester Guest...
Critical | Unreviewed | CVE-2022-2847 was published Aug 17, 2022

Sequi PortBloque S has a improper authentication issues which may allow an attacker to bypass the...
Critical | Unreviewed | CVE-2022-2662 was published Aug 17, 2022

Magento XML Injection vulnerability in the Widgets Module
Critical | CVE-2022-34253 was published for magento/community-edition (Composer) Aug 17, 2022

An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code...
Critical | Unreviewed | CVE-2022-36262 was published Aug 16, 2022
ProTip! Advisories are also available from the GraphQL API.